TheDude
/
mythril
mirror of https://github.com/ConsenSys/mythril
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Intialize disassembly in ETHCContract init method

Browse Source
pull/88/head
Bernhard Mueller 7 years ago
parent a2d98ec5ef
commit 851283bc5c
8 changed files with 15 additions and 15 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      mythril/analysis/modules/external_calls.py
  2. 2
      mythril/analysis/symbolic.py
  3. 7
      mythril/ether/ethcontract.py
  4. 2
      mythril/ether/soliditycontract.py
  5. 7
      mythril/support/loader.py
  6. 2
      requirements.txt
  7. 4
      setup.py
  8. 2
      tests/ethcontract_test.py

4
mythril/analysis/modules/external_calls.py
Unescape View File

@ -51,7 +51,7 @@ def execute(statespace):
if (call.type == "CALL"): if (call.type == "CALL"):
logging.debug("[EXTERNAL_CALLS] Call to: " + str(call.to) + ", value " + str(call.value) + ", gas = " + str(call.gas)) logging.info("[EXTERNAL_CALLS] Call to: " + str(call.to) + ", value " + str(call.value) + ", gas = " + str(call.gas))
if (call.to.type == VarType.SYMBOLIC and (call.gas.type == VarType.CONCRETE and call.gas.val > 2300) or (call.gas.type == VarType.SYMBOLIC and "2300" not in str(call.gas))): if (call.to.type == VarType.SYMBOLIC and (call.gas.type == VarType.CONCRETE and call.gas.val > 2300) or (call.gas.type == VarType.SYMBOLIC and "2300" not in str(call.gas))):
@ -103,6 +103,8 @@ def execute(statespace):
state_change_addresses = search_children(statespace, call.node, call.state_index + 1) state_change_addresses = search_children(statespace, call.node, call.state_index + 1)
logging.info("Detected state changes at: " + str(state_change_addresses))
if (len(state_change_addresses)): if (len(state_change_addresses)):
for address in state_change_addresses: for address in state_change_addresses:
description = "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities." description = "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities."

2
mythril/analysis/symbolic.py
Unescape View File

@ -13,7 +13,7 @@ class SymExecWrapper:
def __init__(self, contract, address, dynloader=None, max_depth=12): def __init__(self, contract, address, dynloader=None, max_depth=12):
account = svm.Account(address, contract.get_disassembly(), contract_name=contract.name) account = svm.Account(address, contract.disassembly, contract_name=contract.name)
self.accounts = {address: account} self.accounts = {address: account}

7
mythril/ether/ethcontract.py
Unescape View File

@ -17,6 +17,7 @@ class ETHContract(persistent.Persistent):
code = re.sub(r'(_+[A-Za-z0-9]+_+)', 'aa' * 20, code) code = re.sub(r'(_+[A-Za-z0-9]+_+)', 'aa' * 20, code)
self.code = code self.code = code
self.disassembly = Disassembly(self.code)
def as_dict(self): def as_dict(self):
@ -25,7 +26,7 @@ class ETHContract(persistent.Persistent):
'name': self.name, 'name': self.name,
'code': self.code, 'code': self.code,
'creation_code': self.creation_code, 'creation_code': self.creation_code,
'disassembly': self.get_disassembly() 'disassembly': self.disassembly
} }
def get_xrefs(self): def get_xrefs(self):
@ -45,10 +46,6 @@ class ETHContract(persistent.Persistent):
return xrefs return xrefs
def get_disassembly(self):
return Disassembly(self.code)
def get_easm(self): def get_easm(self):
return Disassembly(self.code).get_easm() return Disassembly(self.code).get_easm()

2
mythril/ether/soliditycontract.py
Unescape View File

@ -94,7 +94,7 @@ class SolidityContract(ETHContract):
def get_source_info(self, address): def get_source_info(self, address):
index = helper.get_instruction_index(self.get_disassembly().instruction_list, address) index = helper.get_instruction_index(self.disassembly.instruction_list, address)
solidity_file = self.solidity_files[self.mappings[index].solidity_file_idx] solidity_file = self.solidity_files[self.mappings[index].solidity_file_idx]

7
mythril/support/loader.py
Unescape View File

@ -1,4 +1,5 @@
from mythril.ether.ethcontract import ETHContract from mythril.ether.ethcontract import ETHContract
from mythril.disassembler.disassembly import Disassembly
import logging import logging
import re import re
@ -34,7 +35,7 @@ class DynLoader:
def dynld(self, contract_address, dependency_address): def dynld(self, contract_address, dependency_address):
logging.info("Dynld at contract " + contract_address + ": " + dependency_address) logging.info("Dynld at contract " + contract_address + ": " + dependency_address)
m = re.match(r'^(0x[0-9a-fA-F]{40})$', dependency_address) m = re.match(r'^(0x[0-9a-fA-F]{40})$', dependency_address)
@ -44,11 +45,11 @@ class DynLoader:
else: else:
return None return None
logging.info("Dependency address: " + dependency_address) logging.info("Dependency address: " + dependency_address)
code = self.eth.eth_getCode(dependency_address) code = self.eth.eth_getCode(dependency_address)
if (code == "0x"): if (code == "0x"):
return None return None
else: else:
return ETHContract(self.eth.eth_getCode(dependency_address)).get_disassembly() return Disassembly(code)

2
requirements.txt
Unescape View File

@ -1,7 +1,7 @@
ethereum>=2.0.4 ethereum>=2.0.4
ZODB>=5.3.0 ZODB>=5.3.0
z3-solver>=4.5 z3-solver>=4.5
laser-ethereum==0.5.15 laser-ethereum==0.5.16
requests requests
BTrees BTrees
py-solc py-solc

4
setup.py
Unescape View File

@ -254,7 +254,7 @@ Credit
setup( setup(
name='mythril', name='mythril',
version='0.14.4', version='0.14.5',
description='Security analysis tool for Ethereum smart contracts', description='Security analysis tool for Ethereum smart contracts',
long_description=long_description, long_description=long_description,
@ -290,7 +290,7 @@ setup(
'ethereum>=2.0.4', 'ethereum>=2.0.4',
'ZODB>=5.3.0', 'ZODB>=5.3.0',
'z3-solver>=4.5', 'z3-solver>=4.5',
'laser-ethereum==0.5.15', 'laser-ethereum==0.5.16',
'requests', 'requests',
'BTrees', 'BTrees',
'py-solc' 'py-solc'

2
tests/ethcontract_test.py
Unescape View File

@ -14,7 +14,7 @@ class Getinstruction_listTestCase(ETHContractTestCase):
contract = ETHContract(self.code, self.creation_code) contract = ETHContract(self.code, self.creation_code)
disassembly = contract.get_disassembly() disassembly = contract.disassembly
self.assertEqual(len(disassembly.instruction_list), 53, 'Error disassembling code using ETHContract.get_instruction_list()') self.assertEqual(len(disassembly.instruction_list), 53, 'Error disassembling code using ETHContract.get_instruction_list()')

Write Preview
Loading…
Cancel
Save